I manage several server systems that are connected to managed Cisco switches which carry a whole bunch of VLANs. Quite frequently I need to setup a host in one of these VLANs to provide a service or test something.
Ubuntu Server or any other Debian based Linux OS makes it simple to connect a server or PC to a trunk port on a switch and then create multiple virtual interfaces on the system.
The example below assumes you have a server with two Ethernet cards: eth0 and eth1. eth0 is the servers primary network interface and is connected to a normal switchport and configured in /etc/network/interfaces statically.
eth1 is connected into a cisco switch and that port is configured as vlan trunk port. VLANs with IDs 3,4 and 101 are being presented over this trunk port and you would like the Server to bring up an interface in each of these VLANs and configure an IP address for each.
First of all you need to ensure you have the userspace VLAN tools installed on your system. Modern debian and ubuntu releases call this package: vlan some older distros call it vconfig so run either:
sudo apt-get install vlan
sudo apt-get install vconfig
Thats all the extra software you will need. The remainder of the configuration takes place in the /etc/network/interfaces file, the example below should be fairly self explanatory.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 172.16.16.2 netmask 255.255.255.0 network 172.16.16.0 broadcast 172.16.16.255 gateway 172.16.16.1 dns-nameservers 172.16.16.1 8.8.8.8 # You could make the following interface a static or DHCP interface if needed, # if it is just going to be used for vlan trunks then all your need is: auto eth1 iface eth1 inet manual # virtual interface for VLAN ID 3 auto eth1.3 iface eth1.3 inet static address 192.168.8.1 netmask 255.255.255.0 # virtual interface for VLAN ID 4 auto eth1.4 iface eth1.4 inet static address 10.34.12.45 netmask 255.255.254.0 # virtual interface for VLAN ID 101 auto eth1.101 iface eth1.101 inet static address 172.25.12.4 netmask 255.255.255.0 |
So you simply specify the physical interface the vlan tagged packets will come in on and the ID of the vlan separated by a period “.” e.g. eth2.556
These interfaces will now be brought up when the system boots, if you want to bring one up or down straight away without a reboot you can:
sudo ifup eth1.3
You should see some output similar to:
$ sudo ifup eth1.3
Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
Added VLAN with VID == 3 to IF -:eth1:-
ssh stop/waiting
ssh start/running, process 10882
$
Running ifconfig should report something along the following lines:
eth1.3 Link encap:Ethernet HWaddr 00:00:00:00:5e:5f
inet addr:192.168.8.1 Bcast:192.168.8.255 Mask:255.255.255.0
inet6 addr: fe80::0001:0001:0001:0001/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:7389 (7.3 KB)
Now any 802.1q tagged packets tagged with VLAN ID 3 coming into the eth1 interface will be unwrapped by the kernel and handed to your brand new eth1.3 virtual ethernet interface.
sudo apt-get install ifmetric
You then need to specify a higher metric for this interface in its definition. e.g.
auto eth1.3
iface eth1.3 inet dhcp
metric 1
Not specifying a metric for an interface is the same as it having metric 0, so you dont need to explicitly set <code>metric 0</code> this for your primary interface.
